CVE-2026-24444— SDMC NE6037 Hardcoded Password via mgmt.php/npcmd.php
Possible ATT&CK Techniques 3AI
T1133 · External Remote Services T1078.001 · Default Accounts T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 2
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SDMC Technology Co., Ltd | NE6037 | 7.1.6.0.25 | affected |
7.1.6.1.9_B9 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-24444
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SDMC NE6037 Hardcoded Password via mgmt.php/npcmd.php
Source: NVD (National Vulnerability Database)
Vulnerability Description
SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints (mgmt.php, npcmd.php) that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the recovery endpoint via HTTP. Attackers can leverage this hardcoded password to enable filtered SSH and Telnet services on the device, resulting in unauthenticated root-level remote access to the underlying system.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
SDMC NE6037 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SDMC NE6037是中国华曦达(SDMC)公司的一款有线调制解调器。 SDMC NE6037 cable modem routers 7.1.6.0.25版本和7.1.6.1.9_B9版本存在信任管理问题漏洞,该漏洞源于Web管理界面恢复端点中存在硬编码密码,可能导致未经验证的攻击者通过HTTP提交硬编码凭据获得root访问权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| SDMC Technology Co., Ltd | NE6037 | 7.1.6.0.25 | - |
II. Public POCs for CVE-2026-24444
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-24444
请登录查看更多情报信息。
Security Blog Posts for CVE-2026-24444 (1)
- 🔗 Recovering the rooter: SDMC NE6037 CVE-2026-24444 | kr3bz Read full article technical-descriptionexploit
Vendor Pages for CVE-2026-24444 (1)
IV. Related Vulnerabilities
Same weakness: CWE-798
- CVE-2019-25722
Dräger SC Monitoring Devices Hard-coded Credentials and DoS - CVE-2026-42251
Hard-coded credentials in KS-SOMED - CVE-2026-25600
Credential Exposure Vulnerability in Trac PDBM - CVE-2026-44825
Apache Solr: Enabling BasicAuth using bin/solr CLI configure - CVE-2026-42929
MacGregor Voyage Data Recorder (VDR) G4e Use of Hard-coded C
V. Comments for CVE-2026-24444
No comments yet